This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft File: zRQ2kCMKRApot6iqmCefL2Xf7ig.mft (raw, json) Hash identifier: p5Wl3+QW7dQwYUgiLXenYQ+0nCKyiPRIsKKTuiwjnng= Subject key identifier: 46:E4:32:CA:3E:4B:A5:AE:21:B7:76:FE:7E:0C:EA:29:E3:EE:E7:0D Authority key identifier: CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28 Certificate issuer: /CN=cd143690230a440a68b7a8aa98279f2f65dfee28 Certificate serial: 019B59770B38FC477F7AAC13CE149492C51F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft Manifest number: 1499 Signing time: Fri 26 Dec 2025 07:02:12 +0000 Manifest this update: Fri 26 Dec 2025 07:02:12 +0000 Manifest next update: Sat 27 Dec 2025 07:02:12 +0000 Files and hashes: 1: vHQRV0jRUXExLLAYBdY2ODpzWoo.roa (hash: 7UhAMCr3OjHllJdnfdmjdJInrKVauXU3M4e5nn0fWuA=) 2: zRQ2kCMKRApot6iqmCefL2Xf7ig.crl (hash: Apq4XAKJ1DM+v5kfe7fT/pMqHWAAZQGpAznyRnCzh7w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:0b:38:fc:47:7f:7a:ac:13:ce:14:94:92:c5:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd143690230a440a68b7a8aa98279f2f65dfee28 Validity Not Before: Dec 26 07:02:12 2025 GMT Not After : Dec 27 07:02:12 2025 GMT Subject: CN=46e432ca3e4ba5ae21b776fe7e0cea29e3eee70d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:12:27:aa:49:6d:22:31:b4:73:5e:b8:f0:58: ce:f2:85:90:a9:f9:3d:1c:10:2f:6b:a1:11:11:75: ea:8e:67:7e:9f:94:d4:e4:13:24:34:99:5a:a0:12: 5d:10:63:35:39:59:06:f3:57:1b:b9:c8:ba:34:d5: b8:13:0f:7b:47:c8:6a:f8:33:f8:17:52:00:29:33: 1c:8f:da:44:7a:19:97:0b:11:72:77:ba:a4:36:6c: d1:de:53:22:98:22:08:77:9d:39:41:b2:a3:84:19: de:7a:73:0b:5e:0f:cc:6c:0f:cf:2b:e1:58:90:57: 9d:ff:cc:08:ee:10:c6:95:18:b9:4f:cc:3a:2a:44: 85:64:64:a9:36:3a:74:5d:29:ec:62:5d:68:61:54: 88:b5:1b:08:36:61:3f:f1:65:66:80:ab:0b:66:e5: d2:cb:47:84:0e:4d:47:c4:a5:59:d4:25:14:6d:62: 60:2c:52:e7:75:4f:cb:ff:21:2f:be:60:c0:7d:f1: 49:6b:42:7b:2a:cc:18:80:60:de:ea:20:8b:39:9d: d8:b7:d9:0c:cf:84:d9:09:76:6e:65:72:f9:03:99: 70:83:ec:3a:b9:da:b1:a9:1d:12:03:c7:bb:0c:9a: 10:7f:de:42:be:b3:e8:70:ef:14:39:53:bb:99:96: 88:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:E4:32:CA:3E:4B:A5:AE:21:B7:76:FE:7E:0C:EA:29:E3:EE:E7:0D X509v3 Authority Key Identifier: keyid:CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:52:cb:a8:cf:24:cc:07:e2:33:13:35:75:ec:bd:e4:95:b0: bf:07:b1:05:c8:c0:cb:57:95:73:8c:86:6f:3c:0a:c0:8a:6f: 69:58:50:60:ac:ce:d4:fd:39:22:8b:db:fe:67:1a:6f:95:49: 90:48:b5:8a:e3:92:62:c8:ac:97:a4:b2:1e:79:98:1b:b0:d2: 3f:3f:66:f9:97:15:8e:d2:9c:da:f7:b4:d1:8b:b8:86:da:44: e4:3a:cc:92:26:2b:70:64:90:af:14:8e:52:8a:e7:56:c8:c8: 70:5a:c7:00:a6:30:52:9f:42:f9:86:08:b2:50:b2:d4:2c:7f: d1:14:25:d3:bb:f8:f6:cd:1a:e9:b5:05:93:fa:49:b0:4f:7d: a6:57:5d:b7:0c:25:ab:cb:e1:08:22:ef:a8:07:26:f2:d7:fe: 25:e9:98:34:0a:e7:44:57:96:e6:0f:71:8a:8d:d3:cf:f2:bb: 04:15:64:b3:3a:00:3e:ef:63:0d:f4:8b:ab:50:13:ea:c7:ab: 6c:9e:bf:4d:22:fe:00:cf:c8:84:ed:85:0b:32:d9:6e:ce:1a: 00:b1:72:c4:d3:0c:85:fb:0f:36:ef:2a:a8:d4:11:24:4f:7f: 3c:2b:17:2c:34:91:10:5c:67:19:19:51:d2:42:ec:00:72:1c: a6:cc:a3:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdws4/Ed/eqwTzhSUksUfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkMTQzNjkwMjMwYTQ0MGE2OGI3YThhYTk4Mjc5ZjJmNjVk ZmVlMjgwHhcNMjUxMjI2MDcwMjEyWhcNMjUxMjI3MDcwMjEyWjAzMTEwLwYDVQQD Eyg0NmU0MzJjYTNlNGJhNWFlMjFiNzc2ZmU3ZTBjZWEyOWUzZWVlNzBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRInqkltIjG0c1648FjO8oWQqfk9 HBAva6EREXXqjmd+n5TU5BMkNJlaoBJdEGM1OVkG81cbuci6NNW4Ew97R8hq+DP4 F1IAKTMcj9pEehmXCxFyd7qkNmzR3lMimCIId505QbKjhBneenMLXg/MbA/PK+FY kFed/8wI7hDGlRi5T8w6KkSFZGSpNjp0XSnsYl1oYVSItRsINmE/8WVmgKsLZuXS y0eEDk1HxKVZ1CUUbWJgLFLndU/L/yEvvmDAffFJa0J7KswYgGDe6iCLOZ3Yt9kM z4TZCXZuZXL5A5lwg+w6udqxqR0SA8e7DJoQf95CvrPocO8UOVO7mZaIewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEbkMso+S6WuIbd2/n4M6inj7ucNMB8GA1UdIwQY MBaAFM0UNpAjCkQKaLeoqpgnny9l3+4oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAt OGVlM2Q5OGNhZDViLzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAtOGVlM2Q5OGNhZDVi LzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc1LLqM8k zAfiMxM1dey95JWwvwexBcjAy1eVc4yGbzwKwIpvaVhQYKzO1P05Iovb/mcab5VJ kEi1iuOSYsisl6SyHnmYG7DSPz9m+ZcVjtKc2ve00Yu4htpE5DrMkiYrcGSQrxSO UornVsjIcFrHAKYwUp9C+YYIslCy1Cx/0RQl07v49s0a6bUFk/pJsE99plddtwwl q8vhCCLvqAcm8tf+JemYNArnRFeW5g9xio3Tz/K7BBVkszoAPu9jDfSLq1AT6ser bJ6/TSL+AM/IhO2FCzLZbs4aALFyxNMMhfsPNu8qqNQRJE9/PCsXLDSREFxnGRlR 0kLsAHIcpsyj9Q== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:11 2025 by rpki-client